<?php
//用户、权限类
class lib_user{
	public static $instance;
	
	private static $_session;
	
	private static $userModel;
	
	private static $powerConfig;
	
	private $user;
	
	public function __get($name){
		if (isset($this->user->$name)){
			return $this->user->$name;
		}
		return 'Attribute not found';
	}
	
	function __construct(){
		//如果没初始化，则登录成游客
		if (!$this->user = $this->get_user()){
			$this->login_as_guest();
		}
	}
	
	//登录成游客
	public function login_as_guest(){
		$this->user = (object)array (
			'id' => 0,
			'username' => 'guest',
			'power'=>self::$powerConfig->userPower['guest'],
			'powerName'=>__('guest'),
			'parentId'=>1,
			'ip' => common::getip()
		);
		$this->complete_login();
		return $this->get_user();
	}
	
	public static function instance(){
		self::$powerConfig = project::config('config');
		self::$userModel = ORM::factory(project::config('libconfig')->userTable);
		self::$_session = Session::instance();
		self::$instance = new self;
		return self::$instance->user;
	}
	
	private function get_user(){
		return self::$_session->get('user');
	}
	
	//返回账户对象
	private function get_user_prototype(){
		if (self::$userModel->loaded()){
			return (object)array (
				'id' => self::$userModel->id,
				'username' => self::$userModel->username,
				'power'=>self::$powerConfig->userPower[self::$userModel->power],
				'powerName'=>__(self::$userModel->power),
				'ip' => common::getip()
			);
		}
		return false;
	}
	
	//登录
	public function login($username,$password){
		list($username,$password) = lib_security::killinject(array($username,$password));
		$password = lib_security::passEncode($password);
		
		self::$userModel->where('deleted','!=','1')->where('username','=',$username)->find();
		if (self::$userModel->loaded()){
			if (isset(self::$userModel->password) && (self::$userModel->password === $password)){
				if ($this->user = $this->get_user_prototype()){
					$this->complete_login();
					lib_message::message('登陆成功');
					return $this->get_user();
				}
			}else{
				lib_message::message('密码错误');
				return false;
			}
		}else{
			lib_message::message('该用户不存在');
			return false;
		}
		
		return false;
	}
	
	//检查是否已登录
	public function logged_in(){
		return ((int)$this->get_user()->id > 0);
	}
	
	//注销
	public function logout(){
		self::$_session->delete('user');
		return $this->login_as_guest();
	}
	
	//注册账户
	public function register($username,$password){
		list($username,$password) = lib_security::killinject(array($username,$password));
		$password = lib_security::passEncode($password);
		
		self::$userModel->where('deleted','=','0')->where('username','=',$username)->find();
		if (self::$userModel->loaded()){
			lib_message::message('用户名已被注册');
			return false;
		}else{
			self::$userModel->values(array(
				'username'=>$username,
				'password'=>$password,
				'power'=>'member',
				'parentId'=>1
			))->save();
			if ($this->user = $this->get_user_prototype()){
				$this->complete_login();
				lib_message::message('注册成功');
				return $this->get_user();
			}
		}
		
		return false;
	}
	
	//更改账户
	public function modify(array $modifies){
		if (self::$userModel->loaded()){
			self::$userModel->values($modifies)->save();
		}else{
			lib_message::message('尚未登录');
			return false;
		}
		
		if ($this->user = $this->get_user_prototype()){
			$this->complete_login();
			lib_message::message('账户修改成功');
			return $this->get_user();
		}
		
		return false;
	}
	
	public function delete($userId){
		if (in_array($this->get_user()->power,self::$powerConfig->deletePower)){
			lib_message::message('对不起，你没有权限删除用户');
			return false;
		}
		if ($userId == $this->get_user()->id){
			lib_message::message('你不能删除自己');
			return false;
		}
		$deleting = ORM::factory('user',$userId);
		if ($deleting->loaded()){
			$deleting->values(array('deleted'=>'1'))->save();
			lib_message::message('删除用户成功');
		}else{
			lib_message::message('找不到该用户');
			return false;
		}
		return true;
	}
	
	//获取权限名称
	public function getPower(){
		return __(self::$userModel->power);
	}
	
	//将账户对象存入session，完成登陆
	protected function complete_login(){
		self::$_session->set('user',$this->user);
	}
}